I have added the before_destroy callback to the Crop model to destroy all CropCompanion records where the crop is crop_b. (#4266)

I have added a new test to `spec/models/crop_spec.rb` to verify that deleting a crop also destroys the associated `CropCompanion` records.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>

.devcontainer/docker-compose.yml

@@ -27,7 +27,7 @@ services:
     command: sleep infinity
 
   db:
-    image: postgres:latest
+    image: postgres:17
     restart: unless-stopped
     volumes:
       - postgres-data:/var/lib/postgresql/data

.github/workflows/ci-features-admin.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-comments.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-conversations.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-crops.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-gardens.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-harvests.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-home.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-members.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-places.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-plantings.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-posts.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-seeds.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features-timeline.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -103,7 +103,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci-features.yml

@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -74,7 +74,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 
@@ -112,7 +112,7 @@ jobs:
 
       - name: Upload screenshots
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: screenshots
           path: tmp/screenshots

.github/workflows/ci.yml

@@ -6,7 +6,7 @@ jobs:
   contributors:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: Install ruby version specified in .ruby-version
         uses: ruby/setup-ruby@v1
         with:
@@ -53,7 +53,7 @@ jobs:
 
     steps:
       - name: Checkout this repo
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Configure sysctl limits
         run: |
@@ -89,7 +89,7 @@ jobs:
           sudo apt-get -y install libpq-dev google-chrome-stable
 
       - name: Install NodeJS
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v6
         with:
           node-version: '12'
 

Gemfile.lock

@@ -33,47 +33,49 @@ GEM
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actioncable (7.2.3)
+      actionpack (= 7.2.3)
+      activesupport (= 7.2.3)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
       zeitwerk (~> 2.6)
-    actionmailbox (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activejob (= 7.2.2.2)
-      activerecord (= 7.2.2.2)
-      activestorage (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actionmailbox (7.2.3)
+      actionpack (= 7.2.3)
+      activejob (= 7.2.3)
+      activerecord (= 7.2.3)
+      activestorage (= 7.2.3)
+      activesupport (= 7.2.3)
       mail (>= 2.8.0)
-    actionmailer (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      actionview (= 7.2.2.2)
-      activejob (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actionmailer (7.2.3)
+      actionpack (= 7.2.3)
+      actionview (= 7.2.3)
+      activejob (= 7.2.3)
+      activesupport (= 7.2.3)
       mail (>= 2.8.0)
       rails-dom-testing (~> 2.2)
-    actionpack (7.2.2.2)
-      actionview (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actionpack (7.2.3)
+      actionview (= 7.2.3)
+      activesupport (= 7.2.3)
+      cgi
       nokogiri (>= 1.8.5)
       racc
-      rack (>= 2.2.4, < 3.2)
+      rack (>= 2.2.4, < 3.3)
       rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
       useragent (~> 0.16)
-    actiontext (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activerecord (= 7.2.2.2)
-      activestorage (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actiontext (7.2.3)
+      actionpack (= 7.2.3)
+      activerecord (= 7.2.3)
+      activestorage (= 7.2.3)
+      activesupport (= 7.2.3)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.2.2.2)
-      activesupport (= 7.2.2.2)
+    actionview (7.2.3)
+      activesupport (= 7.2.3)
       builder (~> 3.1)
+      cgi
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
@@ -82,27 +84,27 @@ GEM
       addressable
     active_median (0.6.0)
       activesupport (>= 7.1)
-    active_record_union (1.3.0)
-      activerecord (>= 4.0)
+    active_record_union (1.4.0)
+      activerecord (>= 6.0)
     active_utils (3.6.0)
       activesupport (>= 4.2)
       i18n
-    activejob (7.2.2.2)
-      activesupport (= 7.2.2.2)
+    activejob (7.2.3)
+      activesupport (= 7.2.3)
       globalid (>= 0.3.6)
-    activemodel (7.2.2.2)
-      activesupport (= 7.2.2.2)
-    activerecord (7.2.2.2)
-      activemodel (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    activemodel (7.2.3)
+      activesupport (= 7.2.3)
+    activerecord (7.2.3)
+      activemodel (= 7.2.3)
+      activesupport (= 7.2.3)
       timeout (>= 0.4.0)
-    activestorage (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activejob (= 7.2.2.2)
-      activerecord (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    activestorage (7.2.3)
+      actionpack (= 7.2.3)
+      activejob (= 7.2.3)
+      activerecord (= 7.2.3)
+      activesupport (= 7.2.3)
       marcel (~> 1.0)
-    activesupport (7.2.2.2)
+    activesupport (7.2.3)
       base64
       benchmark (>= 0.3)
       bigdecimal
@@ -119,15 +121,15 @@ GEM
     ast (2.4.3)
     autoprefixer-rails (10.4.16.0)
       execjs (~> 2)
-    axe-core-api (4.10.3)
+    axe-core-api (4.11.0)
       dumb_delegator
       ostruct
       virtus
-    axe-core-capybara (4.10.3)
-      axe-core-api (= 4.10.3)
+    axe-core-capybara (4.11.0)
+      axe-core-api (= 4.11.0)
       dumb_delegator
-    axe-core-rspec (4.10.3)
-      axe-core-api (= 4.10.3)
+    axe-core-rspec (4.11.0)
+      axe-core-api (= 4.11.0)
       dumb_delegator
       ostruct
       virtus
@@ -137,12 +139,12 @@ GEM
       thread_safe (~> 0.3, >= 0.3.1)
     base64 (0.3.0)
     bcrypt (3.1.20)
-    benchmark (0.4.1)
+    benchmark (0.5.0)
     better_errors (2.10.1)
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
       rouge (>= 1.0.0)
-    bigdecimal (3.2.3)
+    bigdecimal (3.3.1)
     bluecloth (2.2.0)
     bonsai-elasticsearch-rails (7.0.1)
       elasticsearch-model (< 8)
@@ -156,7 +158,7 @@ GEM
       actionpack (>= 6.1)
       activemodel (>= 6.1)
     builder (3.3.0)
-    bullet (8.0.8)
+    bullet (8.1.0)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
     byebug (12.0.0)
@@ -183,7 +185,8 @@ GEM
       image_processing (~> 1.1)
       marcel (~> 1.0.0)
       ssrf_filter (~> 1.0)
-    chartkick (5.2.0)
+    cgi (0.5.0)
+    chartkick (5.2.1)
     childprocess (5.0.0)
     coderay (1.1.3)
     coercible (1.0.0)
@@ -198,7 +201,7 @@ GEM
     comfy_bootstrap_form (4.0.9)
       rails (>= 5.0.0)
     concurrent-ruby (1.3.5)
-    connection_pool (2.5.4)
+    connection_pool (2.5.5)
     crass (1.0.6)
     crowdin-api (1.12.0)
       open-uri (>= 0.1.0, < 0.2.0)
@@ -219,7 +222,7 @@ GEM
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
-    date (3.4.1)
+    date (3.5.0)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
     devise (4.9.4)
@@ -251,7 +254,7 @@ GEM
     elasticsearch-transport (7.0.0)
       faraday
       multi_json
-    erb (5.0.2)
+    erb (6.0.0)
     erubi (1.13.1)
     erubis (2.7.0)
     excon (1.2.5)
@@ -264,7 +267,7 @@ GEM
       railties (>= 6.1.0)
     faker (3.5.2)
       i18n (>= 1.8.11, < 2)
-    faraday (2.13.4)
+    faraday (2.14.0)
       faraday-net_http (>= 2.0, < 3.5)
       json
       logger
@@ -285,21 +288,21 @@ GEM
       multi_json (>= 1.9.0)
     gli (2.22.2)
       ostruct
-    globalid (1.2.1)
+    globalid (1.3.0)
       activesupport (>= 6.1)
     gravatar-ultimate (2.0.0)
       activesupport (>= 2.3.14)
       rack
-    haml (6.3.0)
+    haml (7.0.2)
       temple (>= 0.8.2)
       thor
       tilt
-    haml-rails (2.1.0)
+    haml-rails (3.0.0)
       actionpack (>= 5.1)
       activesupport (>= 5.1)
       haml (>= 4.0.6)
       railties (>= 5.1)
-    haml_lint (0.66.0)
+    haml_lint (0.67.0)
       haml (>= 5.0)
       parallel (~> 1.10)
       rainbow
@@ -324,20 +327,21 @@ GEM
       multi_xml (>= 0.5.2)
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
-    i18n-tasks (1.0.15)
+    i18n-tasks (1.1.2)
       activesupport (>= 4.0.2)
       ast (>= 2.1.0)
       erubi
-      highline (>= 2.0.0)
+      highline (>= 3.0.0)
       i18n
       parser (>= 3.2.2.1)
+      prism
       rails-i18n
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.8, >= 1.8.1)
       terminal-table (>= 1.5.1)
     i18n_data (1.1.0)
       simple_po_parser (~> 1.1)
-    icalendar (2.12.0)
+    icalendar (2.12.1)
       base64
       ice_cube (~> 0.16)
       logger
@@ -348,17 +352,18 @@ GEM
       mini_magick (>= 4.9.5, < 5)
       ruby-vips (>= 2.0.17, < 3)
     io-console (0.8.1)
-    irb (1.15.2)
+    irb (1.15.3)
       pp (>= 0.6.0)
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
-    jquery-rails (4.6.0)
+    jquery-rails (4.6.1)
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
-    json (2.15.0)
-    json-schema (5.1.0)
+    json (2.16.0)
+    json-schema (6.0.0)
       addressable (~> 2.8)
+      bigdecimal (~> 3.1)
     jsonapi-resources (0.10.7)
       activerecord (>= 4.1)
       concurrent-ruby
@@ -384,7 +389,8 @@ GEM
     loofah (2.24.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
-    mail (2.8.1)
+    mail (2.9.0)
+      logger
       mini_mime (>= 0.1.1)
       net-imap
       net-pop
@@ -411,7 +417,7 @@ GEM
     mini_magick (4.12.0)
     mini_mime (1.1.5)
     mini_portile2 (2.8.9)
-    minitest (5.25.5)
+    minitest (5.26.2)
     moneta (1.0.0)
     msgpack (1.8.0)
     multi_json (1.15.0)
@@ -419,7 +425,7 @@ GEM
       bigdecimal (~> 3.1)
     net-http (0.6.0)
       uri
-    net-imap (0.5.9)
+    net-imap (0.5.12)
       date
       net-protocol
     net-pop (0.1.2)
@@ -429,14 +435,14 @@ GEM
     net-smtp (0.5.1)
       net-protocol
     netrc (0.11.0)
-    nio4r (2.7.4)
-    nokogiri (1.18.9)
+    nio4r (2.7.5)
+    nokogiri (1.18.10)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.18.9-x86_64-linux-gnu)
+    nokogiri (1.18.10-x86_64-linux-gnu)
       racc (~> 1.4)
     oauth (0.5.6)
-    oj (3.16.11)
+    oj (3.16.12)
       bigdecimal (>= 3.0)
       ostruct (>= 0.2)
     omniauth (1.9.2)
@@ -452,7 +458,7 @@ GEM
     orm_adapter (0.5.0)
     ostruct (0.6.3)
     parallel (1.27.0)
-    parser (3.3.9.0)
+    parser (3.3.10.0)
       ast (~> 2.4.1)
       racc
     percy-capybara (5.0.0)
@@ -464,22 +470,22 @@ GEM
       moneta (~> 1.0.0)
       rate_throttle_client (~> 0.1.0)
     popper_js (2.11.8)
-    pp (0.6.2)
+    pp (0.6.3)
       prettyprint
     prettyprint (0.2.0)
-    prism (1.5.1)
+    prism (1.6.0)
     pry (0.15.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
     psych (5.2.6)
       date
       stringio
-    public_suffix (6.0.1)
-    puma (7.0.4)
+    public_suffix (6.0.2)
+    puma (7.1.0)
       nio4r (~> 2.0)
-    query_diet (0.7.2)
+    query_diet (0.7.3)
     racc (1.8.1)
-    rack (2.2.18)
+    rack (2.2.21)
     rack-cors (2.0.2)
       rack (>= 2.0.0)
     rack-protection (3.2.0)
@@ -492,20 +498,20 @@ GEM
     rackup (1.0.1)
       rack (< 3)
       webrick
-    rails (7.2.2.2)
-      actioncable (= 7.2.2.2)
-      actionmailbox (= 7.2.2.2)
-      actionmailer (= 7.2.2.2)
-      actionpack (= 7.2.2.2)
-      actiontext (= 7.2.2.2)
-      actionview (= 7.2.2.2)
-      activejob (= 7.2.2.2)
-      activemodel (= 7.2.2.2)
-      activerecord (= 7.2.2.2)
-      activestorage (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    rails (7.2.3)
+      actioncable (= 7.2.3)
+      actionmailbox (= 7.2.3)
+      actionmailer (= 7.2.3)
+      actionpack (= 7.2.3)
+      actiontext (= 7.2.3)
+      actionview (= 7.2.3)
+      activejob (= 7.2.3)
+      activemodel (= 7.2.3)
+      activerecord (= 7.2.3)
+      activestorage (= 7.2.3)
+      activesupport (= 7.2.3)
       bundler (>= 1.15.0)
-      railties (= 7.2.2.2)
+      railties (= 7.2.3)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -525,39 +531,42 @@ GEM
       rails_stdout_logging
     rails_serve_static_assets (0.0.5)
     rails_stdout_logging (0.0.5)
-    railties (7.2.2.2)
-      actionpack (= 7.2.2.2)
-      activesupport (= 7.2.2.2)
+    railties (7.2.3)
+      actionpack (= 7.2.3)
+      activesupport (= 7.2.3)
+      cgi
       irb (~> 1.13)
       rackup (>= 1.0.0)
       rake (>= 12.2)
       thor (~> 1.0, >= 1.2.2)
+      tsort (>= 0.2)
       zeitwerk (~> 2.6)
     rainbow (3.1.1)
     raindrops (0.20.1)
-    rake (13.3.0)
+    rake (13.3.1)
     rate_throttle_client (0.1.2)
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rdoc (6.14.2)
+    rdoc (6.16.1)
       erb
       psych (>= 4.0.0)
+      tsort
     recaptcha (5.21.1)
     redis-client (0.23.2)
       connection_pool
     regexp_parser (2.11.3)
-    reline (0.6.2)
+    reline (0.6.3)
       io-console (~> 0.5)
-    responders (3.1.1)
-      actionpack (>= 5.2)
-      railties (>= 5.2)
+    responders (3.2.0)
+      actionpack (>= 7.0)
+      railties (>= 7.0)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rexml (3.4.2)
+    rexml (3.4.4)
     rouge (4.1.2)
     rspec (3.13.0)
       rspec-core (~> 3.13.0)
@@ -567,7 +576,7 @@ GEM
       activemodel (>= 3.0)
       activesupport (>= 3.0)
       rspec-mocks (>= 2.99, < 4.0)
-    rspec-core (3.13.5)
+    rspec-core (3.13.6)
       rspec-support (~> 3.13.0)
     rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
@@ -585,23 +594,23 @@ GEM
       rspec-support (~> 3.13)
     rspec-rebound (0.2.1)
       rspec-core (~> 3.3)
-    rspec-support (3.13.4)
+    rspec-support (3.13.6)
     rspectre (0.2.0)
       parser (>= 3.3.7.1)
       prism (~> 1.3)
       rspec (~> 3.10)
-    rswag-api (2.16.0)
-      activesupport (>= 5.2, < 8.1)
-      railties (>= 5.2, < 8.1)
-    rswag-specs (2.16.0)
-      activesupport (>= 5.2, < 8.1)
-      json-schema (>= 2.2, < 6.0)
-      railties (>= 5.2, < 8.1)
+    rswag-api (2.17.0)
+      activesupport (>= 5.2, < 8.2)
+      railties (>= 5.2, < 8.2)
+    rswag-specs (2.17.0)
+      activesupport (>= 5.2, < 8.2)
+      json-schema (>= 2.2, < 7.0)
+      railties (>= 5.2, < 8.2)
       rspec-core (>= 2.14)
-    rswag-ui (2.16.0)
-      actionpack (>= 5.2, < 8.1)
-      railties (>= 5.2, < 8.1)
-    rubocop (1.81.0)
+    rswag-ui (2.17.0)
+      actionpack (>= 5.2, < 8.2)
+      railties (>= 5.2, < 8.2)
+    rubocop (1.81.7)
       json (~> 2.3)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.1.0)
@@ -612,16 +621,16 @@ GEM
       rubocop-ast (>= 1.47.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 4.0)
-    rubocop-ast (1.47.1)
+    rubocop-ast (1.48.0)
       parser (>= 3.3.7.2)
       prism (~> 1.4)
     rubocop-capybara (2.22.1)
       lint_roller (~> 1.1)
       rubocop (~> 1.72, >= 1.72.1)
-    rubocop-factory_bot (2.27.1)
+    rubocop-factory_bot (2.28.0)
       lint_roller (~> 1.1)
       rubocop (~> 1.72, >= 1.72.1)
-    rubocop-rails (2.33.3)
+    rubocop-rails (2.34.1)
       activesupport (>= 4.2.0)
       lint_roller (~> 1.1)
       rack (>= 1.1)
@@ -630,10 +639,10 @@ GEM
     rubocop-rake (0.7.1)
       lint_roller (~> 1.1)
       rubocop (>= 1.72.1)
-    rubocop-rspec (3.7.0)
+    rubocop-rspec (3.8.0)
       lint_roller (~> 1.1)
-      rubocop (~> 1.72, >= 1.72.1)
-    rubocop-rspec_rails (2.31.0)
+      rubocop (~> 1.81)
+    rubocop-rspec_rails (2.32.0)
       lint_roller (~> 1.1)
       rubocop (~> 1.72, >= 1.72.1)
       rubocop-rspec (~> 3.5)
@@ -641,7 +650,7 @@ GEM
     ruby-units (4.1.0)
     ruby-vips (2.2.1)
       ffi (~> 1.12)
-    rubyzip (3.0.1)
+    rubyzip (3.2.1)
     sass (3.7.4)
       sass-listen (~> 4.0.0)
     sass-listen (4.0.0)
@@ -655,13 +664,13 @@ GEM
       sprockets (> 3.0)
       sprockets-rails
       tilt
-    scout_apm (5.7.1)
+    scout_apm (5.8.0)
       parser
     searchkick (5.3.1)
       activemodel (>= 6.1)
       hashie
     securerandom (0.4.1)
-    selenium-webdriver (4.35.0)
+    selenium-webdriver (4.38.0)
       base64 (~> 0.2)
       logger (~> 1.4)
       rexml (~> 3.2, >= 3.2.5)
@@ -683,7 +692,7 @@ GEM
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
     ssrf_filter (1.1.2)
-    stringio (3.1.7)
+    stringio (3.1.8)
     sysexits (1.2.0)
     temple (0.10.4)
     terminal-table (4.0.0)
@@ -694,7 +703,8 @@ GEM
     thread_safe (0.3.6)
     tilt (2.6.1)
     timecop (0.9.10)
-    timeout (0.4.3)
+    timeout (0.4.4)
+    tsort (0.2.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (3.2.0)
@@ -703,7 +713,7 @@ GEM
     unicorn (6.1.0)
       kgio (~> 2.6)
       raindrops (~> 0.7)
-    uniform_notifier (1.17.0)
+    uniform_notifier (1.18.0)
     uri (1.0.3)
     useragent (0.16.11)
     validate_url (1.0.15)
@@ -721,7 +731,7 @@ GEM
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
-    webrick (1.9.1)
+    webrick (1.9.2)
     websocket (1.2.11)
     websocket-driver (0.8.0)
       base64

app/controllers/crops_controller.rb

@@ -188,10 +188,11 @@ class CropsController < ApplicationController
 
   def crop_params
     params.require(:crop).permit(
-      :name, :en_wikipedia_url,
+      :name, :en_wikipedia_url, :en_youtube_url,
       :parent_id, :perennial,
       :request_notes, :reason_for_rejection,
       :rejection_notes,
+      :description,
       :row_spacing, :spread, :height,
       :sowing_method, :sun_requirements, :growing_degree_days,
       scientific_names_attributes: %i(scientific_name _destroy id)

app/helpers/crops_helper.rb

@@ -17,4 +17,12 @@ module CropsHelper
   def crop_ebay_seeds_url(crop)
     "https://www.ebay.com/sch/i.html?_nkw=#{CGI.escape crop.name}"
   end
+
+  def youtube_video_id(url)
+    return unless url
+
+    regex = %r{(?:youtube(?:-nocookie)?\.com/(?:[^/\n\s]+/\S+/|(?:v|e(?:mbed)?)/|\S*?[?&]v=)|youtu\.be/)([a-zA-Z0-9_-]{11})}
+    match = url.match(regex)
+    match[1] if match
+  end
 end

app/models/concerns/open_farm_data.rb

@@ -19,10 +19,6 @@ module OpenFarmData
       fetch_attr('tags_array')
     end
 
-    def description
-      fetch_attr('description')
-    end
-
     def common_names
       fetch_attr('common_names')
     end

app/models/crop.rb

@@ -55,6 +55,12 @@ class Crop < ApplicationRecord
               message: 'is not a valid English Wikipedia URL'
             },
             if:     :approved?
+  validates :en_youtube_url,
+            format: {
+              with:    %r{\A(?:https?://)?(?:www\.)?(?:youtube(?:-nocookie)?\.com/(?:(?:v|e(?:mbed)?)/|\S*?[?&]v=)|youtu\.be/)[a-zA-Z0-9_-]{11}(?:[?&]\S*)?\z},
+              message: 'is not a valid YouTube URL'
+            },
+            allow_blank: true
   validates :name, uniqueness: { scope: :approval_status }, if: :pending?
 
   def to_s
@@ -159,8 +165,14 @@ class Crop < ApplicationRecord
     (companions + parent.companions).uniq
   end
 
+  before_destroy :destroy_reverse_companionships
+
   private
 
+  def destroy_reverse_companionships
+    CropCompanion.where(crop_b: self).destroy_all
+  end
+
   def count_uses_of_property(col_name)
     plantings.unscoped
       .where(crop_id: id)

app/views/crops/_form.html.haml

@@ -42,6 +42,7 @@
         %span.help-block Living more than two years
 
       %h2 OpenFarm Data
+      = f.text_area :description, label: 'Description'
       = f.number_field :row_spacing, label: 'Row Spacing (cm)', min: 0
       = f.number_field :spread, label: 'Spread (cm)', min: 0
       = f.number_field :height, label: 'Height (cm)', min: 0
@@ -54,6 +55,9 @@
       = f.url_field :en_wikipedia_url, id: "en_wikipedia_url", label: 'Wikipedia URL'
       %span.help-block
         Link to the crop's page on the English language Wikipedia (required).
+      = f.url_field :en_youtube_url, label: 'YouTube URL'
+      %span.help-block
+        Link to a YouTube video about the crop in English.
 
       -# Only crop wranglers see the crop hierarchy (for now)
       - if can? :wrangle, @crop

app/views/crops/show.html.haml

@@ -30,6 +30,12 @@
         - @crop.all_companions.each do |companion|
           = render 'crops/tiny', crop: companion
 
+    - if @crop.en_youtube_url.present?
+      %section.youtube
+        %h2 Video
+        .embed-responsive.embed-responsive-16by9
+          %iframe.embed-responsive-item{ src: "https://www.youtube.com/embed/#{youtube_video_id(@crop.en_youtube_url)}", allowfullscreen: true }
+
     %section.photos
       = cute_icon
       = render 'crops/photos', crop: @crop
@@ -157,3 +163,10 @@
             = icon 'fas', 'external-link-alt'
             Wikihow instructions
 
+        %li.list-group-item
+          = link_to "https://www.youtube.com/results?search_query=#{CGI.escape "growing #{@crop.name}"}",
+                    target: "_blank",
+                    class: 'card-link',
+                    rel: "noopener noreferrer" do
+            = icon 'fab', 'youtube'
+            YouTube

db/migrate/20251128193317_add_en_youtube_url_to_crops.rb

@@ -0,0 +1,5 @@
+class AddEnYoutubeUrlToCrops < ActiveRecord::Migration[7.2]
+  def change
+    add_column :crops, :en_youtube_url, :string
+  end
+end

db/migrate/20251128200506_add_description_to_crops.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+class AddDescriptionToCrops < ActiveRecord::Migration[7.2]
+  # Temporary model to avoid validation issues
+  class Crop < ApplicationRecord
+  end
+
+  def up
+    add_column :crops, :description, :text
+
+    # Ensure the new column is available to the temporary model
+    Crop.reset_column_information
+
+    Crop.find_each do |crop|
+      next if crop.openfarm_data.blank?
+
+      description = crop.openfarm_data.dig('attributes', 'description')
+      crop.update_column(:description, description) if description.present?
+    end
+  end
+
+  def down
+    remove_column :crops, :description
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.2].define(version: 2025_09_01_144900) do
+ActiveRecord::Schema[7.2].define(version: 2025_11_28_200506) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
 
@@ -259,6 +259,8 @@ ActiveRecord::Schema[7.2].define(version: 2025_09_01_144900) do
     t.string "sowing_method"
     t.string "sun_requirements"
     t.integer "growing_degree_days"
+    t.string "en_youtube_url"
+    t.text "description"
     t.index ["creator_id"], name: "index_crops_on_creator_id"
     t.index ["name"], name: "index_crops_on_name"
     t.index ["parent_id"], name: "index_crops_on_parent_id"
@@ -583,7 +585,6 @@ ActiveRecord::Schema[7.2].define(version: 2025_09_01_144900) do
     t.integer "harvests_count", default: 0
     t.integer "likes_count", default: 0
     t.boolean "failed", default: false, null: false
-    t.boolean "from_other_source"
     t.integer "overall_rating"
     t.index ["crop_id"], name: "index_plantings_on_crop_id"
     t.index ["garden_id"], name: "index_plantings_on_garden_id"

spec/controllers/crops_controller_spec.rb

@@ -101,7 +101,7 @@ describe CropsController do
       it { expect { subject }.to change(AlternateName, :count).by(2) }
       it { expect { subject }.to change(ScientificName, :count).by(1) }
 
-      context 'with openfarm data' do
+      context 'with data' do
         let(:crop_params) do
           {
             crop:     {
@@ -110,16 +110,18 @@ describe CropsController do
               row_spacing:         10,
               spread:              20,
               height:              30,
+              description:         'hello',
               sowing_method:       'direct',
               sun_requirements:    'full sun',
-              growing_degree_days: 100
+              growing_degree_days: 100,
+              en_youtube_url:      'https://www.youtube.com/watch?v=INZybkX8tLI'
             },
             alt_name: { '1': "egg plant", '2': "purple apple" },
             sci_name: { '1': "fancy sci name", '2': "" }
           }
         end
 
-        it 'saves openfarm data' do
+        it 'saves data' do
           subject
           crop = Crop.last
           expect(crop.row_spacing).to eq(10)
@@ -128,6 +130,8 @@ describe CropsController do
           expect(crop.sowing_method).to eq('direct')
           expect(crop.sun_requirements).to eq('full sun')
           expect(crop.growing_degree_days).to eq(100)
+          expect(crop.description).to eq 'hello'
+          expect(crop.en_youtube_url).to eq 'https://www.youtube.com/watch?v=INZybkX8tLI'
         end
       end
     end

spec/models/crop_spec.rb

@@ -544,6 +544,20 @@ describe Crop do
     end
   end
 
+  context "destroying a crop" do
+    let!(:crop_a) { FactoryBot.create(:crop) }
+    let!(:crop_b) { FactoryBot.create(:crop) }
+
+    before do
+      CropCompanion.create(crop_a: crop_a, crop_b: crop_b)
+      CropCompanion.create(crop_a: crop_b, crop_b: crop_a)
+    end
+
+    it "destroys companion links" do
+      expect { crop_a.destroy }.to change { CropCompanion.count }.from(2).to(0)
+    end
+  end
+
   context "crop rejections" do
     let!(:rejected_reason) do
       FactoryBot.create(:crop, name:                 'tomato',

spec/requests/api/v1/activities_request_spec.rb

@@ -3,28 +3,31 @@
 require 'rails_helper'
 
 RSpec.describe 'Activities', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
-  let(:garden) { create(:garden, owner: member) }
-  let(:planting) { create(:planting, garden: garden) }
-  let!(:activity) { FactoryBot.create(:activity, garden: garden, planting: planting, owner: member) }
+  let(:member) { create(:member) }
+  let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+  end
+  let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+  let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+  let!(:activity) { FactoryBot.create(:activity, owner: member, garden: create(:garden, owner: member), planting: create(:planting, owner: member)) }
   let!(:activity2) { FactoryBot.create(:activity) }
 
   it '#index' do
-    get('/api/v1/activities', params: {}, headers: headers)
-    expect(subject['data'].size).to eq(1)
-    expect(subject['data'][0]['id']).to eq(activity.id.to_s)
+    get('/api/v1/activities', params: {}, headers:)
+    expect(subject['data'].size).to eq(2)
   end
 
   it '#show' do
-    get("/api/v1/activities/#{activity.id}", params: {}, headers: headers)
+    get("/api/v1/activities/#{activity.id}", params: {}, headers:)
     expect(subject['data']['id']).to eq(activity.id.to_s)
   end
 
   context 'filtering' do
     it 'filters by owner' do
-      get("/api/v1/activities?filter[owner-id]=#{activity.owner.id}", params: {}, headers: headers)
+      get("/api/v1/activities?filter[owner-id]=#{activity.owner.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -32,7 +35,7 @@ RSpec.describe 'Activities', type: :request do
     end
 
     it 'filters by garden' do
-      get("/api/v1/activities?filter[garden-id]=#{activity.garden.id}", params: {}, headers: headers)
+      get("/api/v1/activities?filter[garden-id]=#{activity.garden.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -40,7 +43,7 @@ RSpec.describe 'Activities', type: :request do
     end
 
     it 'filters by planting' do
-      get("/api/v1/activities?filter[planting-id]=#{activity.planting.id}", params: {}, headers: headers)
+      get("/api/v1/activities?filter[planting-id]=#{activity.planting.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -48,12 +51,45 @@ RSpec.describe 'Activities', type: :request do
     end
 
     it 'filters by category' do
-      activity2.update!(category: activity.category)
-      get("/api/v1/activities?filter[category]=#{activity.category}", params: {}, headers: headers)
+      get("/api/v1/activities?filter[category]=#{activity.category}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
-      expect(subject['data'].size).to eq(1)
+      expect(subject['data'].size).to eq(2)
       expect(subject['data'][0]['id']).to eq(activity.id.to_s)
+      expect(subject['data'][1]['id']).to eq(activity2.id.to_s)
+    end
+  end
+
+  context '#update' do
+    let(:params) do
+      {
+        'data' => {
+          'type' => 'activities',
+          'id' => activity.id.to_s,
+          'attributes' => {
+            'description' => 'A new description',
+            'finished' => true,
+            'due-date' => '2025-10-31'
+          }
+        }
+      }
+    end
+
+    it 'updates the activity' do
+      patch "/api/v1/activities/#{activity.id}", params: params.to_json, headers: auth_headers
+
+      expect(response).to have_http_status(:ok)
+
+      # Check response
+      expect(subject['data']['attributes']['description']).to eq('A new description')
+      expect(subject['data']['attributes']['finished']).to eq(true)
+      expect(subject['data']['attributes']['due-date']).to eq('2025-10-31')
+
+      # Check database
+      activity.reload
+      expect(activity.description).to eq('A new description')
+      expect(activity.finished).to eq(true)
+      expect(activity.due_date.to_s).to eq('2025-10-31')
     end
   end
 end

spec/requests/api/v1/crop_request_spec.rb

@@ -3,9 +3,9 @@
 require 'rails_helper'
 
 RSpec.describe 'Crops', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
+  let(:headers) { { 'Accept' => 'application/vnd.api+json' } }
   let!(:crop)   { FactoryBot.create(:crop) }
   let(:crop_encoded_as_json_api) do
     { "id"            => crop.id.to_s,
@@ -66,13 +66,13 @@ RSpec.describe 'Crops', type: :request do
   end
 
   describe '#index' do
-    before { get '/api/v1/crops', params: {}, headers: headers }
+    before { get '/api/v1/crops', params: {}, headers: }
 
     it { expect(subject['data']).to include(crop_encoded_as_json_api) }
   end
 
   describe '#show' do
-    before { get "/api/v1/crops/#{crop.id}", params: {}, headers: headers }
+    before { get "/api/v1/crops/#{crop.id}", params: {}, headers: }
 
     it { expect(subject['data']['attributes']).to eq(attributes) }
     it { expect(subject['data']['relationships']).to include("plantings" => plantings_as_json_api) }
@@ -85,19 +85,19 @@ RSpec.describe 'Crops', type: :request do
 
   it '#create' do
     expect do
-      post '/api/v1/crops', params: { 'crop' => { 'name' => 'can i make this' } }, headers: headers
+      post '/api/v1/crops', params: { 'crop' => { 'name' => 'can i make this' } }, headers:
     end.to raise_error ActionController::RoutingError
   end
 
   it '#update' do
     expect do
-      post "/api/v1/crops/#{crop.id}", params: { 'crop' => { 'name' => 'can i modify this' } }, headers: headers
+      post "/api/v1/crops/#{crop.id}", params: { 'crop' => { 'name' => 'can i modify this' } }, headers:
     end.to raise_error ActionController::RoutingError
   end
 
   it '#delete' do
     expect do
-      delete "/api/v1/crops/#{crop.id}", params: {}, headers: headers
+      delete "/api/v1/crops/#{crop.id}", params: {}, headers:
     end.to raise_error ActionController::RoutingError
   end
 end

spec/requests/api/v1/gardens_request_spec.rb

@@ -3,10 +3,10 @@
 require 'rails_helper'
 
 RSpec.describe 'Gardens', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
-  let!(:garden) { FactoryBot.create(:garden, owner: member) }
+  let(:headers) { { 'Accept' => 'application/vnd.api+json' } }
+  let!(:garden) { FactoryBot.create(:garden) }
   let(:garden_encoded_as_json_api) do
     { "id"            => garden.id.to_s,
       "type"          => "gardens",
@@ -41,23 +41,20 @@ RSpec.describe 'Gardens', type: :request do
   end
 
   it '#index' do
-    get('/api/v1/gardens', params: {}, headers: headers)
+    get('/api/v1/gardens', params: {}, headers:)
     expect(subject['data']).to include(garden_encoded_as_json_api)
   end
 
   it '#show' do
-    get("/api/v1/gardens/#{garden.id}", params: {}, headers: headers)
+    get("/api/v1/gardens/#{garden.id}", params: {}, headers:)
     expect(subject['data']).to include(garden_encoded_as_json_api)
   end
 
   context 'filtering' do
-    let(:garden_type) { create(:garden_type) }
-    let!(:garden2) { FactoryBot.create(:garden, owner: member, active: false, garden_type: garden_type) }
-    let!(:other_member_garden) { FactoryBot.create(:garden) }
+    let!(:garden2) { FactoryBot.create(:garden, active: false, garden_type: FactoryBot.create(:garden_type)) }
 
-
-    it 'filters by active' do
-      get('/api/v1/gardens?filter[active]=true', params: {}, headers: headers)
+    pending 'filters by active' do
+      get('/api/v1/gardens?filter[active]=true', params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -65,7 +62,7 @@ RSpec.describe 'Gardens', type: :request do
     end
 
     it 'filters by garden_type' do
-      get("/api/v1/gardens?filter[garden_type]=#{garden_type.id}", params: {}, headers: headers)
+      get("/api/v1/gardens?filter[garden_type]=#{garden2.garden_type.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -73,15 +70,22 @@ RSpec.describe 'Gardens', type: :request do
     end
 
     it 'filters by owner' do
-      get("/api/v1/gardens?filter[owner_id]=#{member.id}", params: {}, headers: headers)
+      get("/api/v1/gardens?filter[owner_id]=#{garden2.owner.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(2)
-      expect(subject['data'].map { |g| g['id'] }).to include(garden.id.to_s, garden2.id.to_s)
+      expect(subject['data'][1]['id']).to eq(garden2.id.to_s)
     end
   end
 
   describe '#create' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
     let(:garden_params) do
       {
         data: {
@@ -94,19 +98,26 @@ RSpec.describe 'Gardens', type: :request do
     end
 
     it 'returns 401 Unauthorized without a token' do
-      post '/api/v1/gardens', params: garden_params, headers: unauthenticated_headers
+      post '/api/v1/gardens', params: garden_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 201 Created with a valid token' do
-      expect do
-        post '/api/v1/gardens', params: garden_params, headers: headers
-      end.to change { member.gardens.count }.by(1)
+      post '/api/v1/gardens', params: garden_params, headers: auth_headers
       expect(response).to have_http_status(:created)
+      expect(member.gardens.count).to eq(2) # 1 from after_create callback, 1 from api
     end
   end
 
   describe '#update' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let(:garden) { create(:garden, owner: member) }
     let(:other_member_garden) { create(:garden) }
     let(:update_params) do
       {
@@ -121,12 +132,12 @@ RSpec.describe 'Gardens', type: :request do
     end
 
     it 'returns 401 Unauthorized without a token' do
-      patch "/api/v1/gardens/#{garden.id}", params: update_params, headers: unauthenticated_headers
+      patch "/api/v1/gardens/#{garden.id}", params: update_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 200 OK with a valid token for own garden' do
-      patch "/api/v1/gardens/#{garden.id}", params: update_params, headers: headers
+      patch "/api/v1/gardens/#{garden.id}", params: update_params, headers: auth_headers
       expect(response).to have_http_status(:ok)
       expect(garden.reload.name).to eq('An updated garden')
     end
@@ -141,27 +152,35 @@ RSpec.describe 'Gardens', type: :request do
           }
         }
       }.to_json
-      patch "/api/v1/gardens/#{other_member_garden.id}", params: update_params_for_other, headers: headers
+      patch "/api/v1/gardens/#{other_member_garden.id}", params: update_params_for_other, headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end
 
   describe '#delete' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let!(:garden) { create(:garden, owner: member) }
     let(:other_member_garden) { create(:garden) }
 
     it 'returns 401 Unauthorized without a token' do
-      delete "/api/v1/gardens/#{garden.id}", headers: unauthenticated_headers
+      delete "/api/v1/gardens/#{garden.id}", headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 204 No Content with a valid token for own garden' do
-      delete "/api/v1/gardens/#{garden.id}", headers: headers
+      delete "/api/v1/gardens/#{garden.id}", headers: auth_headers
       expect(response).to have_http_status(:no_content)
       expect(Garden.find_by(id: garden.id)).to be_nil
     end
 
     it 'returns 403 Forbidden for another member\'s garden' do
-      delete "/api/v1/gardens/#{other_member_garden.id}", headers: headers
+      delete "/api/v1/gardens/#{other_member_garden.id}", headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end

spec/requests/api/v1/harvests_request_spec.rb

@@ -3,10 +3,10 @@
 require 'rails_helper'
 
 RSpec.describe 'Harvests', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
-  let!(:harvest) { FactoryBot.create(:harvest, owner: member) }
+  let(:headers)  { { 'Accept' => 'application/vnd.api+json' } }
+  let!(:harvest) { FactoryBot.create(:harvest) }
   let(:harvest_encoded_as_json_api) do
     { "id"            => harvest.id.to_s,
       "type"          => "harvests",
@@ -50,7 +50,7 @@ RSpec.describe 'Harvests', type: :request do
 
   let(:attributes) do
     {
-      "harvested-at"    => harvest.harvested_at.strftime('%Y-%m-%d'),
+      "harvested-at"    => "2015-09-17",
       "description"     => harvest.description,
       "unit"            => harvest.unit,
       "weight-quantity" => harvest.weight_quantity.to_s,
@@ -60,13 +60,13 @@ RSpec.describe 'Harvests', type: :request do
   end
 
   describe '#index' do
-    before { get '/api/v1/harvests', params: {}, headers: headers }
+    before { get '/api/v1/harvests', params: {}, headers: }
 
     it { expect(subject['data']).to include(harvest_encoded_as_json_api) }
   end
 
   describe '#show' do
-    before { get "/api/v1/harvests/#{harvest.id}", params: {}, headers: headers }
+    before { get "/api/v1/harvests/#{harvest.id}", params: {}, headers: }
 
     it { expect(subject['data']['attributes']).to eq(attributes) }
     it { expect(subject['data']['relationships']).to include("planting" => planting_as_json_api) }
@@ -77,18 +77,16 @@ RSpec.describe 'Harvests', type: :request do
   end
 
   context 'filtering' do
-    let(:garden) { create(:garden, owner: member) }
-    let(:planting) { create(:planting, garden: garden) }
-    let!(:harvest2) { FactoryBot.create(:harvest, planting: planting) }
+    let!(:harvest2) { FactoryBot.create(:harvest, planting: create(:planting)) }
 
     it 'filters by crop' do
-      get("/api/v1/harvests?filter[crop_id]=#{harvest2.crop.id}", params: {}, headers: headers)
+      get("/api/v1/harvests?filter[crop_id]=#{harvest2.crop.id}", params: {}, headers:)
       expect(subject['data'].size).to eq(1)
       expect(subject['data'][0]['id']).to eq(harvest2.id.to_s)
     end
 
     it 'filters by planting' do
-      get("/api/v1/harvests?filter[planting_id]=#{harvest2.planting.id}", params: {}, headers: headers)
+      get("/api/v1/harvests?filter[planting_id]=#{harvest2.planting.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -96,7 +94,7 @@ RSpec.describe 'Harvests', type: :request do
     end
 
     it 'filters by plant_part' do
-      get("/api/v1/harvests?filter[plant_part]=#{harvest2.plant_part.id}", params: {}, headers: headers)
+      get("/api/v1/harvests?filter[plant_part]=#{harvest2.plant_part.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -104,16 +102,25 @@ RSpec.describe 'Harvests', type: :request do
     end
 
     it 'filters by owner' do
-      get("/api/v1/harvests?filter[owner_id]=#{harvest2.owner.id}", params: {}, headers: headers)
+      get("/api/v1/harvests?filter[owner_id]=#{harvest2.owner.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
-      expect(subject['data'].size).to eq(2)
-      expect(subject['data'].map { |h| h['id'] }).to include(harvest.id.to_s, harvest2.id.to_s)
+      expect(subject['data'].size).to eq(1)
+      expect(subject['data'][0]['id']).to eq(harvest2.id.to_s)
     end
   end
 
   describe '#create' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let(:crop) { create(:crop) }
     let(:planting) { create(:planting, owner: member) }
+    let(:plant_part) { create(:plant_part) }
     let(:harvest_params) do
       {
         data: {
@@ -123,25 +130,34 @@ RSpec.describe 'Harvests', type: :request do
           },
           relationships: {
             planting: { data: { type: 'plantings', id: planting.id } }
+            # plant_part: { data: { type: 'plant_parts', id: plant_part.id } }
           }
         }
       }.to_json
     end
 
     it 'returns 401 Unauthorized without a token' do
-      post '/api/v1/harvests', params: harvest_params, headers: unauthenticated_headers
+      post '/api/v1/harvests', params: harvest_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 201 Created with a valid token' do
-      expect do
-        post '/api/v1/harvests', params: harvest_params, headers: headers
-      end.to change { member.harvests.count }.by(1)
+      post '/api/v1/harvests', params: harvest_params, headers: auth_headers
+
       expect(response).to have_http_status(:created)
+      expect(member.harvests.count).to eq(1)
     end
   end
 
   describe '#update' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let(:harvest) { create(:harvest, owner: member) }
     let(:other_member_harvest) { create(:harvest) }
     let(:update_params) do
       {
@@ -156,12 +172,12 @@ RSpec.describe 'Harvests', type: :request do
     end
 
     it 'returns 401 Unauthorized without a token' do
-      patch "/api/v1/harvests/#{harvest.id}", params: update_params, headers: unauthenticated_headers
+      patch "/api/v1/harvests/#{harvest.id}", params: update_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 200 OK with a valid token for own harvest' do
-      patch "/api/v1/harvests/#{harvest.id}", params: update_params, headers: headers
+      patch "/api/v1/harvests/#{harvest.id}", params: update_params, headers: auth_headers
 
       expect(response).to have_http_status(:ok)
       expect(harvest.reload.description).to eq('An updated harvest')
@@ -177,29 +193,35 @@ RSpec.describe 'Harvests', type: :request do
           }
         }
       }.to_json
-      patch "/api/v1/harvests/#{other_member_harvest.id}", params: update_params_for_other, headers: headers
+      patch "/api/v1/harvests/#{other_member_harvest.id}", params: update_params_for_other, headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end
 
   describe '#delete' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let!(:harvest) { create(:harvest, owner: member) }
     let(:other_member_harvest) { create(:harvest) }
 
     it 'returns 401 Unauthorized without a token' do
-      delete "/api/v1/harvests/#{harvest.id}", headers: unauthenticated_headers
+      delete "/api/v1/harvests/#{harvest.id}", headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 204 No Content with a valid token for own harvest' do
-      garden = harvest.planting.garden
-      delete "/api/v1/harvests/#{harvest.id}", headers: headers
+      delete "/api/v1/harvests/#{harvest.id}", headers: auth_headers
       expect(response).to have_http_status(:no_content)
-      expect(Harvest.find_by(id: harvest.id)).to be_nil
-      expect(Garden.find_by(id: garden.id)).not_to be_nil
+      expect(Garden.find_by(id: harvest.id)).to be_nil
     end
 
     it 'returns 403 Forbidden for another member\'s harvest' do
-      delete "/api/v1/harvests/#{other_member_harvest.id}", headers: headers
+      delete "/api/v1/harvests/#{other_member_harvest.id}", headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end

spec/requests/api/v1/members_request_spec.rb

@@ -3,9 +3,10 @@
 require 'rails_helper'
 
 RSpec.describe 'Members', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
+  let(:headers) { { 'Accept' => 'application/vnd.api+json' } }
+  let!(:member) { FactoryBot.create(:member) }
   let(:member_encoded_as_json_api) do
     { "id"            => member.id.to_s,
       "type"          => "members",
@@ -67,13 +68,13 @@ RSpec.describe 'Members', type: :request do
   end
 
   describe '#index' do
-    before { get '/api/v1/members', params: {}, headers: headers }
+    before { get '/api/v1/members', params: {}, headers: }
 
     it { expect(subject['data']).to include(member_encoded_as_json_api) }
   end
 
   describe '#show' do
-    before { get "/api/v1/members/#{member.id}", params: {}, headers: headers }
+    before { get "/api/v1/members/#{member.id}", params: {}, headers: }
 
     it { expect(subject['data']['relationships']).to include("gardens" => gardens_as_json_api) }
     it { expect(subject['data']['relationships']).to include("plantings" => plantings_as_json_api) }
@@ -86,7 +87,7 @@ RSpec.describe 'Members', type: :request do
 
   it '#create' do
     expect do
-      post '/api/v1/members', params: { 'member' => { 'login_name' => 'can i make this' } }, headers: headers
+      post '/api/v1/members', params: { 'member' => { 'login_name' => 'can i make this' } }, headers:
     end.to raise_error ActionController::RoutingError
   end
 
@@ -95,13 +96,13 @@ RSpec.describe 'Members', type: :request do
       post "/api/v1/members/#{member.id}", params:  {
                                              'member' => { 'login_name' => 'can i modify this' }
                                            },
-                                           headers: headers
+                                           headers:
     end.to raise_error ActionController::RoutingError
   end
 
   it '#delete' do
     expect do
-      delete "/api/v1/members/#{member.id}", params: {}, headers: headers
+      delete "/api/v1/members/#{member.id}", params: {}, headers:
     end.to raise_error ActionController::RoutingError
   end
 end

spec/requests/api/v1/photos_request_spec.rb

@@ -3,10 +3,10 @@
 require 'rails_helper'
 
 RSpec.describe 'Photos', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
-  let!(:photo)  { FactoryBot.create(:photo, owner: member) }
+  let(:headers) { { 'Accept' => 'application/vnd.api+json' } }
+  let!(:photo)  { FactoryBot.create(:photo) }
   let(:photo_encoded_as_json_api) do
     { "id"            => photo.id.to_s,
       "type"          => "photos",
@@ -58,13 +58,13 @@ RSpec.describe 'Photos', type: :request do
   end
 
   describe '#index' do
-    before { get '/api/v1/photos', params: {}, headers: headers }
+    before { get '/api/v1/photos', params: {}, headers: }
 
     it { expect(subject['data']).to include(photo_encoded_as_json_api) }
   end
 
   describe '#show' do
-    before { get "/api/v1/photos/#{photo.id}", params: {}, headers: headers }
+    before { get "/api/v1/photos/#{photo.id}", params: {}, headers: }
 
     it { expect(subject['data']['attributes']).to eq(attributes) }
     it { expect(subject['data']['relationships']).to include("plantings" => plantings_as_json_api) }
@@ -75,19 +75,19 @@ RSpec.describe 'Photos', type: :request do
 
   it '#create' do
     expect do
-      post '/api/v1/photos', params: { 'photo' => { 'name' => 'can i make this' } }, headers: headers
+      post '/api/v1/photos', params: { 'photo' => { 'name' => 'can i make this' } }, headers:
     end.to raise_error ActionController::RoutingError
   end
 
   it '#update' do
     expect do
-      post "/api/v1/photos/#{photo.id}", params: { 'photo' => { 'name' => 'can i modify this' } }, headers: headers
+      post "/api/v1/photos/#{photo.id}", params: { 'photo' => { 'name' => 'can i modify this' } }, headers:
     end.to raise_error ActionController::RoutingError
   end
 
   it '#delete' do
     expect do
-      delete "/api/v1/photos/#{photo.id}", params: {}, headers: headers
+      delete "/api/v1/photos/#{photo.id}", params: {}, headers:
     end.to raise_error ActionController::RoutingError
   end
 end

spec/requests/api/v1/plantings_request_spec.rb

@@ -3,10 +3,10 @@
 require 'rails_helper'
 
 RSpec.describe 'Plantings', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
-  let!(:planting) { FactoryBot.create(:planting, owner: member) }
+  let(:headers)   { { 'Accept' => 'application/vnd.api+json' } }
+  let!(:planting) { FactoryBot.create(:planting) }
   let(:planting_encoded_as_json_api) do
     { "id"            => planting.id.to_s,
       "type"          => "plantings",
@@ -56,11 +56,11 @@ RSpec.describe 'Plantings', type: :request do
   let(:attributes) do
     {
       "slug"                => planting.slug,
-      "planted-at"          => planting.planted_at.strftime('%Y-%m-%d'),
+      "planted-at"          => "2014-07-30",
       "failed"              => false,
       "finished-at"         => nil,
       "finished"            => false,
-      "quantity"            => planting.quantity,
+      "quantity"            => 33,
       "description"         => planting.description,
       "crop-name"           => planting.crop.name,
       "crop-slug"           => planting.crop.slug,
@@ -79,14 +79,14 @@ RSpec.describe 'Plantings', type: :request do
   end
 
   it '#index' do
-    get('/api/v1/plantings', params: {}, headers: headers)
+    get('/api/v1/plantings', params: {}, headers:)
     expect(subject['data'][0].keys).to eq(planting_encoded_as_json_api.keys)
     expect(subject['data'][0]['attributes'].keys.sort!).to eq(planting_encoded_as_json_api['attributes'].keys.sort!)
     expect(subject['data']).to include(planting_encoded_as_json_api)
   end
 
   it '#show' do
-    get("/api/v1/plantings/#{planting.id}", params: {}, headers: headers)
+    get("/api/v1/plantings/#{planting.id}", params: {}, headers:)
     expect(subject['data']['relationships']).to include("garden" => garden_as_json_api)
     expect(subject['data']['relationships']).to include("crop" => crop_as_json_api)
     expect(subject['data']['relationships']).to include("owner" => owner_as_json_api)
@@ -96,6 +96,13 @@ RSpec.describe 'Plantings', type: :request do
   end
 
   describe '#create' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
     let(:crop) { create(:crop) }
     let(:garden) { create(:garden, owner: member) }
     let(:planting_params) do
@@ -114,19 +121,27 @@ RSpec.describe 'Plantings', type: :request do
     end
 
     it 'returns 401 Unauthorized without a token' do
-      post '/api/v1/plantings', params: planting_params, headers: unauthenticated_headers
+      post '/api/v1/plantings', params: planting_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 201 Created with a valid token' do
-      expect do
-        post '/api/v1/plantings', params: planting_params, headers: headers
-      end.to change { member.plantings.count }.by(1)
+      post '/api/v1/plantings', params: planting_params, headers: auth_headers
+
       expect(response).to have_http_status(:created)
+      expect(member.plantings.count).to eq(1)
     end
   end
 
   describe '#update' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let(:planting) { create(:planting, owner: member) }
     let(:other_member_planting) { create(:planting) }
     let(:update_params) do
       {
@@ -141,12 +156,12 @@ RSpec.describe 'Plantings', type: :request do
     end
 
     it 'returns 401 Unauthorized without a token' do
-      patch "/api/v1/plantings/#{planting.id}", params: update_params, headers: unauthenticated_headers
+      patch "/api/v1/plantings/#{planting.id}", params: update_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 200 OK with a valid token for own planting' do
-      patch "/api/v1/plantings/#{planting.id}", params: update_params, headers: headers
+      patch "/api/v1/plantings/#{planting.id}", params: update_params, headers: auth_headers
 
       expect(response).to have_http_status(:ok)
       expect(planting.reload.description).to eq('An updated planting')
@@ -162,85 +177,83 @@ RSpec.describe 'Plantings', type: :request do
           }
         }
       }.to_json
-      patch "/api/v1/plantings/#{other_member_planting.id}", params: update_params_for_other, headers: headers
+      patch "/api/v1/plantings/#{other_member_planting.id}", params: update_params_for_other, headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end
 
   describe '#delete' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let!(:planting) { create(:planting, owner: member) }
     let(:other_member_planting) { create(:planting) }
 
     it 'returns 401 Unauthorized without a token' do
-      delete "/api/v1/plantings/#{planting.id}", headers: unauthenticated_headers
+      delete "/api/v1/plantings/#{planting.id}", headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 204 No Content with a valid token for own planting' do
-      garden = planting.garden
-      delete "/api/v1/plantings/#{planting.id}", headers: headers
+      delete "/api/v1/plantings/#{planting.id}", headers: auth_headers
       expect(response).to have_http_status(:no_content)
-      expect(Planting.find_by(id: planting.id)).to be_nil
-      expect(Garden.find_by(id: garden.id)).not_to be_nil
+      expect(Garden.find_by(id: planting.id)).to be_nil
     end
 
     it 'returns 403 Forbidden for another member\'s planting' do
-      delete "/api/v1/plantings/#{other_member_planting.id}", headers: headers
+      delete "/api/v1/plantings/#{other_member_planting.id}", headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end
 
   describe "by member/owner" do
-    let!(:planting2) { create(:planting, owner: create(:owner)) }
-    let(:member2) { planting2.owner }
-
-    describe "on /api/v1/plantings" do
-      it "filters by owner but respects authorization scope" do
-        # Filtering by the current member's id should work
-        get "/api/v1/plantings?filter[owner-id]=#{member.id}", headers: headers
-        expect(response).to have_http_status(:ok)
-        expect(subject['data'].size).to eq(1)
-        expect(subject['data'][0]['id']).to eq(planting.id.to_s)
-
-        # Filtering by another member's id should return nothing from the scoped collection
-        get "/api/v1/plantings?filter[owner-id]=#{member2.id}", headers: headers
-        expect(response).to have_http_status(:ok)
-        expect(subject['data']).to be_empty
-      end
+    before :each do
+      @member1 = planting.owner
+      @planting2 = create(:planting, owner: create(:owner))
+      @member2 = @planting2.owner
     end
 
-    describe "on /api/v1/members/:id/plantings" do
-      it "returns plantings for the correct member" do
-        get "/api/v1/members/#{member.id}/plantings", headers: headers
-        expect(response).to have_http_status(:ok)
-        expect(subject['data'].size).to eq(1)
-        expect(subject['data'][0]['id']).to eq(planting.id.to_s)
-      end
+    describe "#show" do
+      it "locates the correct member" do
+        get "/api/v1/plantings?filter[owner-id]=#{@member1.id}"
+        expect(JSON.parse(response.body)['data'][0]['id']).to eq(planting.id.to_s)
 
-      it "returns forbidden when accessing another member's plantings" do
-        get "/api/v1/members/#{member2.id}/plantings", headers: headers
-        expect(response).to have_http_status(:forbidden)
+        get "/api/v1/plantings?filter[owner-id]=#{@member2.id}"
+        expect(JSON.parse(response.body)['data'][0]['id']).to eq(@planting2.id.to_s)
+
+        pending "The below should be identical to the above, but aren't."
+
+        get "/api/v1/members/#{@member1.id}/plantings"
+        expect(JSON.parse(response.body)['data'][0]['id']).to eq(planting.id.to_s)
+
+        get "/api/v1/members/#{@member2.id}/plantings"
+        expect(JSON.parse(response.body)['data'][0]['id']).to eq(@planting2.id.to_s)
       end
     end
   end
 
   context 'filtering' do
-    let!(:planting2) { FactoryBot.create(:planting, owner: member, failed: true, sunniness: 'shade') }
-    let!(:perennial_planting) { FactoryBot.create(:planting, owner: member, crop: FactoryBot.create(:crop, perennial: true)) }
+    let!(:planting2) { FactoryBot.create(:planting, failed: true, sunniness: 'shade') }
+    let!(:perennial_planting) { FactoryBot.create(:planting, crop: FactoryBot.create(:crop, perennial: true)) }
 
     it 'filters by failed' do
-      get('/api/v1/plantings?filter[failed]=true', params: {}, headers: headers)
+      get('/api/v1/plantings?filter[failed]=true', params: {}, headers:)
       expect(subject['data'].size).to eq(1)
       expect(subject['data'][0]['id']).to eq(planting2.id.to_s)
     end
 
     it 'filters by sunniness' do
-      get('/api/v1/plantings?filter[sunniness]=shade', params: {}, headers: headers)
+      get('/api/v1/plantings?filter[sunniness]=shade', params: {}, headers:)
       expect(subject['data'].size).to eq(1)
       expect(subject['data'][0]['id']).to eq(planting2.id.to_s)
     end
 
     it 'filters by perennial' do
-      get('/api/v1/plantings?filter[perennial]=true', params: {}, headers: headers)
+      get('/api/v1/plantings?filter[perennial]=true', params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -248,11 +261,11 @@ RSpec.describe 'Plantings', type: :request do
     end
 
     it 'filters by active' do
-      get('/api/v1/plantings?filter[active]=true', params: {}, headers: headers)
+      get('/api/v1/plantings?filter[active]=true', params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(2)
-      expect(subject['data'].map { |p| p['id'] }).to include(planting.id.to_s, perennial_planting.id.to_s)
+      expect(subject['data'][0]['id']).to eq(planting.id.to_s)
     end
   end
 end

spec/requests/api/v1/seeds_request_spec.rb

@@ -3,10 +3,10 @@
 require 'rails_helper'
 
 RSpec.describe 'Seeds', type: :request do
-  include_context 'with authenticated member'
   subject { JSON.parse response.body }
 
-  let!(:seed)   { FactoryBot.create(:seed, owner: member) }
+  let(:headers) { { 'Accept' => 'application/vnd.api+json' } }
+  let!(:seed)   { FactoryBot.create(:seed) }
   let(:seed_encoded_as_json_api) do
     { "id"            => seed.id.to_s,
       "type"          => "seeds",
@@ -36,7 +36,7 @@ RSpec.describe 'Seeds', type: :request do
     {
       "description"             => seed.description,
       "quantity"                => seed.quantity,
-      "plant-before"            => seed.plant_before.strftime('%Y-%m-%d'),
+      "plant-before"            => "2013-07-15",
       "tradable-to"             => seed.tradable_to,
       "days-until-maturity-min" => seed.days_until_maturity_min,
       "days-until-maturity-max" => seed.days_until_maturity_max,
@@ -47,13 +47,13 @@ RSpec.describe 'Seeds', type: :request do
   end
 
   describe '#index' do
-    before { get '/api/v1/seeds', params: {}, headers: headers }
+    before { get '/api/v1/seeds', params: {}, headers: }
 
     it { expect(subject['data']).to include(seed_encoded_as_json_api) }
   end
 
   describe '#show' do
-    before { get "/api/v1/seeds/#{seed.id}", params: {}, headers: headers }
+    before { get "/api/v1/seeds/#{seed.id}", params: {}, headers: }
 
     it { expect(subject['data']['attributes']).to eq(attributes) }
     it { expect(subject['data']['relationships']).to include("owner" => owner_as_json_api) }
@@ -62,6 +62,13 @@ RSpec.describe 'Seeds', type: :request do
   end
 
   describe '#create' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
     let(:crop) { create(:crop) }
     let(:seed_params) do
       {
@@ -78,19 +85,27 @@ RSpec.describe 'Seeds', type: :request do
     end
 
     it 'returns 401 Unauthorized without a token' do
-      post '/api/v1/seeds', params: seed_params, headers: unauthenticated_headers
+      post '/api/v1/seeds', params: seed_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 201 Created with a valid token' do
-      expect do
-        post '/api/v1/seeds', params: seed_params, headers: headers
-      end.to change { member.seeds.count }.by(1)
+      post '/api/v1/seeds', params: seed_params, headers: auth_headers
       expect(response).to have_http_status(:created)
+      expect(member.seeds.count).to eq(1)
     end
   end
 
   describe '#update' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let(:crop) { create(:crop) }
+    let(:seed) { create(:seed, owner: member, crop: crop) }
     let(:other_member_seed) { create(:seed) }
     let(:update_params) do
       {
@@ -105,12 +120,12 @@ RSpec.describe 'Seeds', type: :request do
     end
 
     it 'returns 401 Unauthorized without a token' do
-      patch "/api/v1/seeds/#{seed.id}", params: update_params, headers: unauthenticated_headers
+      patch "/api/v1/seeds/#{seed.id}", params: update_params, headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 200 OK with a valid token for own seed' do
-      patch "/api/v1/seeds/#{seed.id}", params: update_params, headers: headers
+      patch "/api/v1/seeds/#{seed.id}", params: update_params, headers: auth_headers
       expect(response).to have_http_status(:ok)
       expect(seed.reload.description).to eq('An updated seed')
     end
@@ -125,39 +140,47 @@ RSpec.describe 'Seeds', type: :request do
           }
         }
       }.to_json
-      patch "/api/v1/seeds/#{other_member_seed.id}", params: update_params_for_other, headers: headers
+      patch "/api/v1/seeds/#{other_member_seed.id}", params: update_params_for_other, headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end
 
   describe '#delete' do
+    let!(:member) { create(:member) }
+    let(:token) do
+      member.regenerate_api_token
+      member.api_token.token
+    end
+    let(:headers) { { 'Accept' => 'application/vnd.api+json', 'Content-Type' => 'application/vnd.api+json' } }
+    let(:auth_headers) { headers.merge('Authorization' => "Bearer #{token}") }
+    let(:crop) { create(:crop) }
+    let!(:seed) { create(:seed, owner: member, crop: crop) }
     let(:other_member_seed) { create(:seed) }
 
     it 'returns 401 Unauthorized without a token' do
-      delete "/api/v1/seeds/#{seed.id}", headers: unauthenticated_headers
+      delete "/api/v1/seeds/#{seed.id}", headers: headers
       expect(response).to have_http_status(:unauthorized)
     end
 
     it 'returns 204 No Content with a valid token for own seed' do
-      delete "/api/v1/seeds/#{seed.id}", headers: headers
+      delete "/api/v1/seeds/#{seed.id}", headers: auth_headers
       expect(response).to have_http_status(:no_content)
       expect(Seed.find_by(id: seed.id)).to be_nil
     end
 
     it 'returns 403 Forbidden for another member\'s seed' do
-      delete "/api/v1/seeds/#{other_member_seed.id}", headers: headers
+      delete "/api/v1/seeds/#{other_member_seed.id}", headers: auth_headers
       expect(response).to have_http_status(:forbidden)
     end
   end
 
   context 'filtering' do
     let!(:seed2) do
-      FactoryBot.create(:seed, owner: member, tradable_to: 'nationally', organic: 'certified organic', gmo: 'certified GMO-free', heirloom: 'heirloom')
+      FactoryBot.create(:seed, tradable_to: 'nationally', organic: 'certified organic', gmo: 'certified GMO-free', heirloom: 'heirloom')
     end
-    let!(:other_member_seed) { create(:seed) }
 
     it 'filters by crop' do
-      get("/api/v1/seeds?filter[crop]=#{seed2.crop.id}", params: {}, headers: headers)
+      get("/api/v1/seeds?filter[crop]=#{seed2.crop.id}", params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -165,7 +188,7 @@ RSpec.describe 'Seeds', type: :request do
     end
 
     it 'filters by tradable_to' do
-      get('/api/v1/seeds?filter[tradable_to]=nationally', params: {}, headers: headers)
+      get('/api/v1/seeds?filter[tradable_to]=nationally', params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -173,7 +196,7 @@ RSpec.describe 'Seeds', type: :request do
     end
 
     it 'filters by organic' do
-      get('/api/v1/seeds?filter[organic]=certified organic', params: {}, headers: headers)
+      get('/api/v1/seeds?filter[organic]=certified organic', params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -181,7 +204,7 @@ RSpec.describe 'Seeds', type: :request do
     end
 
     it 'filters by gmo' do
-      get('/api/v1/seeds?filter[gmo]=certified GMO-free', params: {}, headers: headers)
+      get('/api/v1/seeds?filter[gmo]=certified GMO-free', params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -189,7 +212,7 @@ RSpec.describe 'Seeds', type: :request do
     end
 
     it 'filters by heirloom' do
-      get('/api/v1/seeds?filter[heirloom]=heirloom', params: {}, headers: headers)
+      get('/api/v1/seeds?filter[heirloom]=heirloom', params: {}, headers:)
 
       expect(response).to have_http_status(:ok)
       expect(subject['data'].size).to eq(1)
@@ -197,14 +220,11 @@ RSpec.describe 'Seeds', type: :request do
     end
 
     it 'filters by owner' do
-      get("/api/v1/seeds?filter[owner_id]=#{member.id}", params: {}, headers: headers)
-      expect(response).to have_http_status(:ok)
-      expect(subject['data'].size).to eq(2)
-      expect(subject['data'].map { |s| s['id'] }).to include(seed.id.to_s, seed2.id.to_s)
+      get("/api/v1/seeds?filter[owner_id]=#{seed2.owner.id}", params: {}, headers:)
 
-      get("/api/v1/seeds?filter[owner_id]=#{other_member_seed.owner.id}", params: {}, headers: headers)
       expect(response).to have_http_status(:ok)
-      expect(subject['data']).to be_empty
+      expect(subject['data'].size).to eq(1)
+      expect(subject['data'][0]['id']).to eq(seed2.id.to_s)
     end
   end
 end

spec/support/api_auth_helpers.rb

@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-RSpec.shared_context 'with authenticated member' do
-  let(:member) { create(:member) }
-  let(:api_token) { member.regenerate_api_token }
-  let(:headers) do
-    {
-      'Accept' => 'application/vnd.api+json',
-      'Authorization' => "Token token=#{api_token.token}",
-      'Content-Type' => 'application/vnd.api+json'
-    }
-  end
-  let(:unauthenticated_headers) do
-    {
-      'Accept' => 'application/vnd.api+json',
-      'Content-Type' => 'application/vnd.api+json'
-    }
-  end
-end

yarn.lock

@@ -1006,9 +1006,9 @@ js-tokens@^4.0.0:
   integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
 
 js-yaml@^3.13.0:
-  version "3.14.1"
-  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537"
-  integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==
+  version "3.14.2"
+  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.2.tgz#77485ce1dd7f33c061fd1b16ecea23b55fcb04b0"
+  integrity sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==
   dependencies:
     argparse "^1.0.7"
     esprima "^4.0.0"